[ovirt-users] Re: not able to upload disks, iso - paused by the system error -- Version 4.4.6.7-1.el8
On Tue, Oct 12, 2021 at 8:55 AM dhanaraj.ramesh--- via Users
<users(a)ovirt.org> wrote:
Hi Team
in one of the cluster infra, we are unable to upload the images or disks via gui. up on
checking the /var/log/ovirt-imageio/daemon.log found that throwing ssl connection failure,
help us to check what are we missing..
Which version?
If you are on ovirt 4.4, please share output of:
ovirt-imageio --show-config
on engine.
We are using thirdparty CA approved SSL for web GUI..
2021-10-11 22:45:42,812 INFO (Thread-6) [http] OPEN connection=6 client=127.0.0.1
2021-10-11 22:45:42,812 INFO (Thread-6) [tickets] [127.0.0.1] REMOVE
ticket=f18cff91-1fc4-43b6-91ea-ca2a11d409a6
2021-10-11 22:45:42,813 INFO (Thread-6) [http] CLOSE connection=6 client=127.0.0.1
[connection 1 ops, 0.000539 s] [dispatch 1 ops, 0.000216 s]
2021-10-11 22:45:43,621 INFO (Thread-4) [images] [::ffff:10.12.23.212] OPTIONS
ticket=53ff98f9-f429-4880-abe6-06c6c01473de
2021-10-11 22:45:43,621 INFO (Thread-4) [backends.http] Open backend
netloc='renlovkvma01.test.lab:54322'
path='/images/53ff98f9-f429-4880-abe6-06c6c01473de'
cafile='/etc/pki/ovirt-engine/ca.pem' secure=True
Looks like the host is configured correctly - the http backend is
using the right CA file
to access the host.
2021-10-11 22:45:43,626 ERROR (Thread-4) [http] Server error
...
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)
The CA file on engine side (/etc/pki/ovirt-engine/ca.pem) does not
match the CA file on the host
(/etc/pki/vdsm/certs/cacert.pem).
Which files did you change when we added the thirdparty CA approved SSL?
Nir